Do you need cyber insurance?

Wondering whether or not it's a good idea to have cyber insurance?

Here's the answer from our Chief Cybersecurity Officer, Dr Karim Ganame, who has managed dozens of incidents over the past few years, including major cyber crises.

 

Cyber insurance is a good idea
Having cyber insurance is strongly recommended, as it could come in very handy when you're faced with a major cyber attack. Indeed, managing a security incident is expensive. Here's a non-exhaustive list of costs:

  • Paying employees' salaries during this period (even if they cannot work)

  • Operational management of the incident by an external firm if you don't have in-house expertise

  • Total or partial reconstruction of your IT environment (in the case of ransomware, for example)

  • The amount of the ransom (we strongly advise against ransom payments, but it remains a business decision)

  • Protection of employee credit files (in the event of theft or exfiltration of personal information)

  • Damage and reputation management (if the incident is covered by the media)

  • Etc.


As an example, in my experience, for a company with 1,000 employees, just for salary, a ransomware attack will cost you around $250K/day, i.e. $750K for 3 days! On average, it takes between 3 days and 3 weeks to recover from an attack. The incident will cost you a minimum of US$1M!

So you'll be delighted to see your cyber-insurer cover part of the cost of the incident.

 

Precautions to take before taking out cyber insurance

  • To avoid any misunderstanding, check the scope of the cyber insurance you're being offered. Some incidents may not be covered by default.
  • Make sure that the insurance covers ransomware cases, as this would be your number one risk.


If you decide not to have cyber insurance

  • It's not a good idea, but it's your choice.

  • Be prepared to take responsibility for your decision, because if you are attacked, it could be very costly.


The best thing to do is to reduce the risk of being hacked

  • Strengthen your network security and protect your data

  • Make your employees aware of cybersecurity risks
  • Monitor your network security 24/7, to reduce the risk of being hacked.

  • Negotiate an agreement with a specialized incident response team like Streamscan, so that it can help you quickly if needed.